Lucene search
This script is Copyright (C) 2015-2024 and is owned by Tenable, Inc. or an Affiliate thereof.CISCO-SA-20150325-MDNS-IOSXE.NASLHistoryApr 03, 2015 - 12:00 a.m.
Cisco IOS XE Software mDNS Gateway DoS
2015-04-0300:00:00
This script is Copyright (C) 2015-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
6.6 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
56.1%
The remote Cisco device is running a version of Cisco IOS XE software that is affected by a vulnerability in the multicast DNS gateway component due to improper validation of mDNS packets. A remote, unauthenticated attacker, by sending crafted packets to UDP port 5353, can exploit this to cause a device reload, leading to a denial of service.
#TRUSTED 228fc928093dd1d243100aadbb1b091c98eef2866684c495c62a4ff2e9f735402b625bf2cfed4a1833cdc4df215a37c3dccd6acac983970540ac20a0420a3220e3f5975fb59ca6d489416a6a85db59aaee3ef9d116c46f3f019401888f97008550011cfe73b044e27f66939c05358825b70cbe8b08232dfc140f9d6c5d497a0f32e416b37d1cffcf2a1e648012b23fd5df522fba3bc94298d0d81d37d9f0cd2a02e26da1d3a5de1a0fb9aeb6ea21bf7adb6e46f9e83b00fccc5369acdb184f6a2a3362bbf4a23c3a37d58a95f176e9672b6b592190a176bac6fb960a8c3464e10ba95160ebf9bcb0a290b864f5a992b6d4fada19dc1e40c7ab0792299b7850cce61b6a90163094fab07885c059cf34ee7413c019ccb1380680efc95dddd526809881947b7587a85fd3e34cea32d22c81d6ea22e73cf53cb9c24ed2ca34d2bdb04a48ab3e09d1cc126d4a9c7d32a455266b000be5f1ff5b8d66dc7d19ee2c93bd82649259ee9c5673c6bb6a4c81beddfee89a182d1625d9af950514ab0252cd18a3cc34af1ee6916529e70146163501ff8236f865733b6216dc65f8f3dcff508c4004f070e9a37623dd112a2216e56272b406fd351f6579f355588062db1401baa13ac02b3905193e06e1bfa19fcab9b67f8d539c208cfd9a19d07ee2a8d82f7cbf8c226c1fddf0d0c36fa846e07fc107ba2555b2845dffe99ad502dae853227a
#TRUST-RSA-SHA256 9711514249899dcb8f14d2ddb8d2cb81fbd656002a30c15701fa089a4bc01f9bb7bf1bf0b7db7cae0529ee692c4b3dfca93fd39c64fe9b4e984a15e3aa636424f495862665a9cc63b74a8c880a1467732d9b8343b7d01fdcdf0fb2d5fc70d7d42c1c40765ded63c5cf21585ff830a2ab61789b14a361b5c29e42c20adbb6a8c17503a6dc55ad97d05831259e62f4cb78dd2ed5e83adddd7acddba0170433099488cb46304ad3b086c0b80e980accfaddf5b150945fabf0ccb8389c8545c41cd3b6c7b4d65714d8f6dcc2ea52174c35ed289978f4a89b96da4c7dd606183b02e8ca8003767e407dcf81fb2052a2b8e0b41c049748b24a6510837ea5ef805bd6d3147c6365dd5f30005bb00a71c392d973e98325a35e1bb944172fbde8c02bc90ffdcdaf33a26ef13b11fb2025a3179baf8a3d8878f6b212ecb78bf704cbacd4a1f8678b7a25beee3d9f41add0c6af11af7f36376d720863505258a32b3ea583071db591c3b77d6ea68ee514089df26e199b9e31079d4f3b9de71ecc09ad7868d0b82a6aad1a43eda20640671a6677493ab0696b3bf75989a5f77e9fbdfbd8980cc6a81bed61f33209689cb7393586eb0367709db598d94bcf66d367011ab5a05b02b1450622b7c2f050886a2df84e4cdc6e41e0b1b10572dbf104c67ac23da301ce1b3b77e0544af71b20d67f50500cc01d4bf2dc3d23da364ff3fe46b3af7ed5
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(82573);
script_version("1.16");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/03");
script_cve_id("CVE-2015-0650");
script_bugtraq_id(73335);
script_xref(name:"CISCO-BUG-ID", value:"CSCup70579");
script_xref(name:"CISCO-SA", value:"cisco-sa-20150325-mdns");
script_name(english:"Cisco IOS XE Software mDNS Gateway DoS");
script_summary(english:"Checks the IOS XE version.");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
script_set_attribute(attribute:"description", value:
"The remote Cisco device is running a version of Cisco IOS XE software
that is affected by a vulnerability in the multicast DNS gateway
component due to improper validation of mDNS packets. A remote,
unauthenticated attacker, by sending crafted packets to UDP port 5353,
can exploit this to cause a device reload, leading to a denial of
service.");
script_set_attribute(attribute:"see_also", value:"https://tools.cisco.com/bugsearch/bug/CSCup70579");
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-mdns
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?7a10c73d");
script_set_attribute(attribute:"see_also", value:"https://tools.cisco.com/security/center/viewAlert.x?alertId=37820");
script_set_attribute(attribute:"solution", value:
"Apply the relevant patch referenced in Cisco bug ID CSCup70579.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/03/25");
script_set_attribute(attribute:"patch_publication_date", value:"2015/03/31");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/04/03");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:ios_xe");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2015-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("cisco_ios_xe_version.nasl");
script_require_keys("Host/Cisco/IOS-XE/Version");
exit(0);
}
include("audit.inc");
include("cisco_func.inc");
include("cisco_kb_cmd_func.inc");
version = get_kb_item_or_exit("Host/Cisco/IOS-XE/Version");
flag = 0;
override = 0;
if (
version =~ "^3.3.[01]SE$" ||
version =~ "^3.5.[0-3]E$" ||
version =~ "^3.6.0E$" ||
version =~ "^3.10.([0123]|1x[bc]|2a)S$" ||
version =~ "^3.11.[012]S$" ||
version =~ "^3.12.[01]S$" ||
version =~ "^3.13.0a?S$"
) flag++;
if (flag && get_kb_item("Host/local_checks_enabled"))
{
flag = 0;
buf = cisco_command_kb_item("Host/Cisco/Config/show_ip_socket",
"show ip socket");
if (check_cisco_result(buf))
{
if (preg(multiline:TRUE, pattern:"(\d+.\d+.\d+.\d+|.*:.*|UNKNOWN|--any--)\s+5353\s", string:buf))
flag = 1;
}
else if (cisco_needs_enable(buf))
{
flag++;
override++;
}
}
if (flag)
{
if (report_verbosity > 0)
{
report =
'\n Cisco bug ID : CSCup70579' +
'\n Installed release : ' + version +
'\n';
security_hole(port:0, extra:report + cisco_caveat(override));
}
else security_hole(port:0, extra:cisco_caveat(override));
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Related
openvas
openvas
nvd
nvd
CVE-2015-0650
2015-03-26 10:59:14
cvelist
cvelist
CVE-2015-0650
2015-03-26 10:00:00
prion
prion
Design/Logic Flaw
2015-03-26 10:59:00
cve
cve
CVE-2015-0650
2015-03-26 10:59:14
nessus
nessus
Cisco IOS Software mDNS Gateway DoS
2015-04-03 00:00:00
cisco
cisco
securityvulns
securityvulns
Cisco IOS multiple security vulnerabilities
2015-04-16 00:00:00
kaspersky
kaspersky
KLA10510 Multiple vulnerabilities in Cisco IOS
2015-03-26 00:00:00
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
6.6 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
56.1%
Related for CISCO-SA-20150325-MDNS-IOSXE.NASL